Configure Web Security Manager to Not Change the X-Forwarded-For Header

Description

By default, Alert Logic Web Security Manager will insert the IP address of the upstream proxy in the X-Forwarded-For (XFF) header. Some customers have applications that rely on a specific list of XFF headers and do not want Web Security Manager to change the XFF header. In this case, Web Security Manager can be configured to not change the XFF header.

Solution

In the top of the Alert Logic console, under the Configuration main menu tab, click WAF.

Click Websites in the left sidebar.

Find your desired website and click Manage Website.

Select Virtual host.

Enable the Use trusted proxy option.

Enter the IP address of the upstream proxy (or the subnet that the upstream proxy resides in).